Examples with RequestMatcher org.springframework.security.web.util.matcher.RequestMatcher used on opensource projects

Search in sources :

Example 16 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-security by spring-projects.

the class DelegatingAuthenticationEntryPointTests method testFirstEntryPoint.

@Test
public void testFirstEntryPoint() throws Exception {
    AuthenticationEntryPoint firstAEP = mock(AuthenticationEntryPoint.class);
    RequestMatcher firstRM = mock(RequestMatcher.class);
    AuthenticationEntryPoint secondAEP = mock(AuthenticationEntryPoint.class);
    RequestMatcher secondRM = mock(RequestMatcher.class);
    when(firstRM.matches(request)).thenReturn(true);
    entryPoints.put(firstRM, firstAEP);
    entryPoints.put(secondRM, secondAEP);
    daep.commence(request, null, null);
    verify(firstAEP).commence(request, null, null);
    verify(secondAEP, never()).commence(request, null, null);
    verify(defaultEntryPoint, never()).commence(request, null, null);
    verify(secondRM, never()).matches(request);
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AuthenticationEntryPoint(org.springframework.security.web.AuthenticationEntryPoint) Test(org.junit.Test)

Example 17 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-security by spring-projects.

the class ExpressionBasedFilterInvocationSecurityMetadataSourceTests method expectedAttributeIsReturned.

@Test
public void expectedAttributeIsReturned() {
    final String expression = "hasRole('X')";
    LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
    requestMap.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList(expression));
    ExpressionBasedFilterInvocationSecurityMetadataSource mds = new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, new DefaultWebSecurityExpressionHandler());
    assertThat(mds.getAllConfigAttributes()).hasSize(1);
    Collection<ConfigAttribute> attrs = mds.getAttributes(new FilterInvocation("/path", "GET"));
    assertThat(attrs).hasSize(1);
    WebExpressionConfigAttribute attribute = (WebExpressionConfigAttribute) attrs.toArray()[0];
    assertThat(attribute.getAttribute()).isNull();
    assertThat(attribute.getAuthorizeExpression().getExpressionString()).isEqualTo(expression);
    assertThat(attribute.toString()).isEqualTo(expression);
}
Also used : AnyRequestMatcher(org.springframework.security.web.util.matcher.AnyRequestMatcher) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) ConfigAttribute(org.springframework.security.access.ConfigAttribute) Collection(java.util.Collection) FilterInvocation(org.springframework.security.web.FilterInvocation) LinkedHashMap(java.util.LinkedHashMap) Test(org.junit.Test)

Example 18 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-security by spring-projects.

the class DefaultFilterInvocationSecurityMetadataSourceTests method createFids.

// ~ Methods
// ========================================================================================================
private void createFids(String pattern, String method) {
    LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
    requestMap.put(new AntPathRequestMatcher(pattern, method), this.def);
    this.fids = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) ConfigAttribute(org.springframework.security.access.ConfigAttribute) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Collection(java.util.Collection) LinkedHashMap(java.util.LinkedHashMap)

Example 19 with RequestMatcher

use of org.springframework.security.web.util.matcher.RequestMatcher in project spring-boot by spring-projects.

the class CloudFoundryActuatorAutoConfigurationTests method cloudFoundryPathsIgnoredBySpringSecurity.

@Test
public void cloudFoundryPathsIgnoredBySpringSecurity() throws Exception {
    EnvironmentTestUtils.addEnvironment(this.context, "VCAP_APPLICATION:---", "vcap.application.application_id:my-app-id");
    this.context.refresh();
    IgnoredRequestCustomizer customizer = (IgnoredRequestCustomizer) this.context.getBean("cloudFoundryIgnoredRequestCustomizer");
    IgnoredRequestConfigurer configurer = mock(IgnoredRequestConfigurer.class);
    customizer.customize(configurer);
    ArgumentCaptor<RequestMatcher> requestMatcher = ArgumentCaptor.forClass(RequestMatcher.class);
    verify(configurer).requestMatchers(requestMatcher.capture());
    RequestMatcher matcher = requestMatcher.getValue();
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setServletPath("/cloudfoundryapplication/my-path");
    assertThat(matcher.matches(request)).isTrue();
    request.setServletPath("/some-other-path");
    assertThat(matcher.matches(request)).isFalse();
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) IgnoredRequestCustomizer(org.springframework.boot.autoconfigure.security.IgnoredRequestCustomizer) IgnoredRequestConfigurer(org.springframework.security.config.annotation.web.builders.WebSecurity.IgnoredRequestConfigurer) Test(org.junit.Test)

Aggregations

RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)19 LinkedHashMap (java.util.LinkedHashMap)7 Test (org.junit.Test)7 ConfigAttribute (org.springframework.security.access.ConfigAttribute)6 Collection (java.util.Collection)5 AuthenticationEntryPoint (org.springframework.security.web.AuthenticationEntryPoint)5 AndRequestMatcher (org.springframework.security.web.util.matcher.AndRequestMatcher)4 AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher)4 NegatedRequestMatcher (org.springframework.security.web.util.matcher.NegatedRequestMatcher)4 RequestHeaderRequestMatcher (org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher)4 ArrayList (java.util.ArrayList)3 MvcRequestMatcher (org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher)3 MediaTypeRequestMatcher (org.springframework.security.web.util.matcher.MediaTypeRequestMatcher)3 ContentNegotiationStrategy (org.springframework.web.accept.ContentNegotiationStrategy)3 HeaderContentNegotiationStrategy (org.springframework.web.accept.HeaderContentNegotiationStrategy)3 Map (java.util.Map)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 FilterInvocation (org.springframework.security.web.FilterInvocation)2 OrRequestMatcher (org.springframework.security.web.util.matcher.OrRequestMatcher)2 Filter (javax.servlet.Filter)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial